You cannot establish an IPsec connection between a Linux operating system and a Windows Vista operating system when you initiate the connection from the Linux operating system

Article translations Article translations
Article ID: 950826 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

Consider the following scenario. You use Windows Vista Local Security Policy on a Windows Vista-based computer. Or, you use the new Windows Firewall with Advanced Security on a Windows Vista-based computer. You try to initiate an Internet Protocol Security (IPsec) connection from a Linux-based computer to the Windows Vista-based computer. In this scenario, you cannot establish the connection.

Notes
  • If you initiate the IPsec connection from the Windows Vista side, the connection is established correctly.
  • Windows XP and Windows Server 2003 work correctly with the Linux operating system in this environment.

CAUSE

In IPsec negotiation for transform proposal of the combination where Authentication Header (AH) and Encapsulating Security Payload (ESP) are used for securing the same packet (AH+ESP), Windows Vista switches the order and replaces the packet with ESP+AH. This behavior breaks the negotiation. In this case, when you initiate the IPsec connection from a Linux-based computer, the Linux operating system proposes that the IPsec security format is AH+ESP. Therefore, the connection cannot be established.

WORKAROUND

To work around this issue, modify the policy to use ESP or to use AH.

RESOLUTION

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

No prerequisites are required.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Windows Vista, x86-based versions

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Package_1_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,23019-May-200818:38Not Applicable
Package_2_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,17719-May-200818:38Not Applicable
Package_3_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,72919-May-200818:38Not Applicable
Package_4_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,23519-May-200818:38Not Applicable
Package_5_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,23519-May-200818:38Not Applicable
Package_6_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,22719-May-200818:38Not Applicable
Package_7_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,22219-May-200818:38Not Applicable
Package_for_kb950826_client_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42619-May-200818:38Not Applicable
Package_for_kb950826_client_1~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,64119-May-200818:38Not Applicable
Package_for_kb950826_client~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,71319-May-200818:38Not Applicable
Package_for_kb950826_sc_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42219-May-200818:38Not Applicable
Package_for_kb950826_sc~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42319-May-200818:38Not Applicable
Package_for_kb950826_server_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42519-May-200818:38Not Applicable
Package_for_kb950826_server~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,43119-May-200818:38Not Applicable
Package_for_kb950826_winpesrv_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42219-May-200818:38Not Applicable
Package_for_kb950826_winpesrv~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,43019-May-200818:38Not Applicable
Package_for_kb950826_winpe_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42019-May-200818:38Not Applicable
Package_for_kb950826_winpe~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42419-May-200818:38Not Applicable
Update.mumNot Applicable3,57119-May-200818:38Not Applicable
X86_52789c43d3f055f9d9eb1bc197e20dff_31bf3856ad364e35_6.0.6001.22181_none_79e3e709eabf8897.manifestNot Applicable70219-May-200818:38Not Applicable
X86_73a58bf179c5b654641a3611881ca33c_31bf3856ad364e35_6.0.6001.22181_none_1eb9c1c634b1ad25.manifestNot Applicable1,40219-May-200818:38Not Applicable
X86_87ed8c2d8ba43e31a4056835543c0af9_31bf3856ad364e35_6.0.6000.20836_none_6d6f6ffad27a1c9b.manifestNot Applicable1,39319-May-200818:38Not Applicable
X86_ffc5c719bb0cc0c0c07dfcc715559182_31bf3856ad364e35_6.0.6001.22181_none_348e81e41b2ca962.manifestNot Applicable1,05619-May-200818:38Not Applicable
X86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.20836_none_55245ed8d1577f3c.manifestNot Applicable3,90817-May-200804:31Not Applicable
X86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22181_none_56cf8a8aceab2008.manifestNot Applicable3,90817-May-200804:42Not Applicable
X86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.20836_none_cbad61ec4694cfe6.manifestNot Applicable126,92017-May-200804:32Not Applicable
X86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22181_none_cd588d9e43e870b2.manifestNot Applicable127,63417-May-200804:45Not Applicable
X86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22181_none_b35230077fc3d99f.manifestNot Applicable6,25417-May-200804:45Not Applicable
X86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20836_none_600e87dfab63a295.manifestNot Applicable28,87117-May-200804:29Not Applicable
Netio.sys6.0.6000.20836217,14417-May-200804:18x86
Netio.sys6.0.6001.22181223,28817-May-200803:48x86
Bfe.dll6.0.6000.20836317,44017-May-200803:29x86
Fwpkclnt.sys6.0.6000.2083685,50417-May-200801:21x86
Fwpuclnt.dll6.0.6000.20836543,23217-May-200803:29x86
Ikeext.dll6.0.6000.20836416,76817-May-200803:29x86
Wfp.mofNot Applicable81609-Jan-200823:23Not Applicable
Wfp.tmfNot Applicable115,17317-May-200801:22Not Applicable
Bfe.dll6.0.6001.22181328,70417-May-200803:21x86
Fwpkclnt.sys6.0.6001.22181101,43217-May-200803:48x86
Fwpuclnt.dll6.0.6001.22181595,45617-May-200803:23x86
Ikeext.dll6.0.6001.22181438,27217-May-200803:23x86
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
Wfp.tmfNot Applicable175,50817-May-200801:22Not Applicable
Tcpip.sys6.0.6001.22181891,44817-May-200803:50x86
Netiomig.dll6.0.6000.2083649,15217-May-200803:31x86
Netiougc.exe6.0.6000.2083622,01617-May-200801:21x86
Tcpip.sys6.0.6000.20836805,88817-May-200801:22x86
Tcpipcfg.dll6.0.6000.20836167,42417-May-200803:33x86

Windows Vista, x64-based versions

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Package_1_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,23019-May-200818:38Not Applicable
Package_2_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,17719-May-200818:38Not Applicable
Package_3_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,72919-May-200818:38Not Applicable
Package_4_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,23519-May-200818:38Not Applicable
Package_5_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,23519-May-200818:38Not Applicable
Package_6_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,22719-May-200818:38Not Applicable
Package_7_for_kb950826~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable2,22219-May-200818:38Not Applicable
Package_for_kb950826_client_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42619-May-200818:38Not Applicable
Package_for_kb950826_client_1~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,64119-May-200818:38Not Applicable
Package_for_kb950826_client~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,71319-May-200818:38Not Applicable
Package_for_kb950826_sc_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42219-May-200818:38Not Applicable
Package_for_kb950826_sc~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42319-May-200818:38Not Applicable
Package_for_kb950826_server_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42519-May-200818:38Not Applicable
Package_for_kb950826_server~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,43119-May-200818:38Not Applicable
Package_for_kb950826_winpesrv_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42219-May-200818:38Not Applicable
Package_for_kb950826_winpesrv~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,43019-May-200818:38Not Applicable
Package_for_kb950826_winpe_0~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42019-May-200818:38Not Applicable
Package_for_kb950826_winpe~31bf3856ad364e35~x86~~6.0.1.0.mumNot Applicable1,42419-May-200818:38Not Applicable
Update.mumNot Applicable3,57119-May-200818:38Not Applicable
X86_52789c43d3f055f9d9eb1bc197e20dff_31bf3856ad364e35_6.0.6001.22181_none_79e3e709eabf8897.manifestNot Applicable70219-May-200818:38Not Applicable
X86_73a58bf179c5b654641a3611881ca33c_31bf3856ad364e35_6.0.6001.22181_none_1eb9c1c634b1ad25.manifestNot Applicable1,40219-May-200818:38Not Applicable
X86_87ed8c2d8ba43e31a4056835543c0af9_31bf3856ad364e35_6.0.6000.20836_none_6d6f6ffad27a1c9b.manifestNot Applicable1,39319-May-200818:38Not Applicable
X86_ffc5c719bb0cc0c0c07dfcc715559182_31bf3856ad364e35_6.0.6001.22181_none_348e81e41b2ca962.manifestNot Applicable1,05619-May-200818:38Not Applicable
X86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.20836_none_55245ed8d1577f3c.manifestNot Applicable3,90817-May-200804:31Not Applicable
X86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22181_none_56cf8a8aceab2008.manifestNot Applicable3,90817-May-200804:42Not Applicable
X86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.20836_none_cbad61ec4694cfe6.manifestNot Applicable126,92017-May-200804:32Not Applicable
X86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22181_none_cd588d9e43e870b2.manifestNot Applicable127,63417-May-200804:45Not Applicable
X86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22181_none_b35230077fc3d99f.manifestNot Applicable6,25417-May-200804:45Not Applicable
X86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20836_none_600e87dfab63a295.manifestNot Applicable28,87117-May-200804:29Not Applicable
Netio.sys6.0.6000.20836217,14417-May-200804:18x86
Netio.sys6.0.6001.22181223,28817-May-200803:48x86
Bfe.dll6.0.6000.20836317,44017-May-200803:29x86
Fwpkclnt.sys6.0.6000.2083685,50417-May-200801:21x86
Fwpuclnt.dll6.0.6000.20836543,23217-May-200803:29x86
Ikeext.dll6.0.6000.20836416,76817-May-200803:29x86
Wfp.mofNot Applicable81609-Jan-200823:23Not Applicable
Wfp.tmfNot Applicable115,17317-May-200801:22Not Applicable
Bfe.dll6.0.6001.22181328,70417-May-200803:21x86
Fwpkclnt.sys6.0.6001.22181101,43217-May-200803:48x86
Fwpuclnt.dll6.0.6001.22181595,45617-May-200803:23x86
Ikeext.dll6.0.6001.22181438,27217-May-200803:23x86
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
Wfp.tmfNot Applicable175,50817-May-200801:22Not Applicable
Tcpip.sys6.0.6001.22181891,44817-May-200803:50x86
Netiomig.dll6.0.6000.2083649,15217-May-200803:31x86
Netiougc.exe6.0.6000.2083622,01617-May-200801:21x86
Tcpip.sys6.0.6000.20836805,88817-May-200801:22x86
Tcpipcfg.dll6.0.6000.20836167,42417-May-200803:33x86

Windows Vista, Itanium-based versions

Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Ia64_ab52ebd9eacf90b37db08f0b90e5e91d_31bf3856ad364e35_6.0.6001.22181_none_687d7f93a191a84a.manifestNot Applicable2,11019-May-200818:38Not Applicable
Ia64_dd8ce3d5a315c01d7f7a8f6c92d169ee_31bf3856ad364e35_6.0.6001.22181_none_6a50e8398a7ecc95.manifestNot Applicable1,40619-May-200818:38Not Applicable
Ia64_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22181_none_56d12e80cea92904.manifestNot Applicable3,91217-May-200805:28Not Applicable
Ia64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22181_none_cd5a319443e679ae.manifestNot Applicable127,65717-May-200805:31Not Applicable
Ia64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22181_none_b353d3fd7fc1e29b.manifestNot Applicable6,26517-May-200805:32Not Applicable
Package_1_for_kb950826~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable2,23719-May-200818:38Not Applicable
Package_2_for_kb950826~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable2,69419-May-200818:38Not Applicable
Package_3_for_kb950826~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable2,69419-May-200818:38Not Applicable
Package_for_kb950826_sc_0~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable1,42519-May-200818:38Not Applicable
Package_for_kb950826_sc~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable1,42619-May-200818:38Not Applicable
Package_for_kb950826_server_0~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable1,42919-May-200818:38Not Applicable
Package_for_kb950826_server~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable1,43419-May-200818:38Not Applicable
Package_for_kb950826_winpesrv_0~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable1,42619-May-200818:38Not Applicable
Package_for_kb950826_winpesrv~31bf3856ad364e35~ia64~~6.0.1.0.mumNot Applicable1,43319-May-200818:38Not Applicable
Update.mumNot Applicable2,42319-May-200818:38Not Applicable
Wow64_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22181_none_bd42d060bb695339.manifestNot Applicable2,73017-May-200804:34Not Applicable
Wow64_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22181_none_33cbd37430a6a3e3.manifestNot Applicable71,15517-May-200804:35Not Applicable
Netio.sys6.0.6001.22181641,59217-May-200804:14IA-64
Bfe.dll6.0.6001.22181781,31217-May-200803:36IA-64
Fwpkclnt.sys6.0.6001.22181264,24817-May-200804:14IA-64
Fwpuclnt.dll6.0.6001.221811,122,30417-May-200803:39IA-64
Ikeext.dll6.0.6001.22181925,69617-May-200803:41IA-64
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable
Wfp.tmfNot Applicable174,77517-May-200801:50Not Applicable
Tcpip.sys6.0.6001.221812,922,55217-May-200804:17IA-64
Fwpuclnt.dll6.0.6001.22181595,45617-May-200803:23x86
Wfp.mofNot Applicable81418-Dec-200721:11Not Applicable

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information about security policy settings for Windows Vista, visit the following Microsoft Web site:
http://technet2.microsoft.com/WindowsVista/en/library/c6c673db-0e8b-43da-95ad-2280cb0a7ab01033.mspx?mfr=true
For more information about Windows Firewall with Advanced Security and IPsec, visit the following Microsoft Web sites:
http://technet2.microsoft.com/windowsserver2008/en/library/ff06e8d5-b029-4c4a-8e13-2f27d721087b1033.mspx?mfr=true
http://technet2.microsoft.com/windowsserver2008/en/library/c042b3c5-dee1-4a31-ac35-e90e846290441033.mspx?mfr=true
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Properties

Article ID: 950826 - Last Review: May 28, 2008 - Revision: 1.3
APPLIES TO
  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Starter
  • Windows Vista Ultimate
  • Windows Vista Business 64-bit Edition
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Service Pack 1
Keywords: 
kbautohotfix kbexpertiseinter kbexpertisebeginner kbhotfixserver kbqfe KB950826

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com